EP2171693A1 - System for management of ubiquitously deployed intelligent locks - Google Patents

System for management of ubiquitously deployed intelligent locks

Info

Publication number
EP2171693A1
EP2171693A1 EP08781861A EP08781861A EP2171693A1 EP 2171693 A1 EP2171693 A1 EP 2171693A1 EP 08781861 A EP08781861 A EP 08781861A EP 08781861 A EP08781861 A EP 08781861A EP 2171693 A1 EP2171693 A1 EP 2171693A1
Authority
EP
European Patent Office
Prior art keywords
lock
key
key device
lock device
control circuit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP08781861A
Other languages
German (de)
English (en)
French (fr)
Inventor
Thomas J. Clare
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Checkpoint Systems Inc
Original Assignee
Checkpoint Systems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Checkpoint Systems Inc filed Critical Checkpoint Systems Inc
Publication of EP2171693A1 publication Critical patent/EP2171693A1/en
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • EFIXED CONSTRUCTIONS
    • E05LOCKS; KEYS; WINDOW OR DOOR FITTINGS; SAFES
    • E05BLOCKS; ACCESSORIES THEREFOR; HANDCUFFS
    • E05B67/00Padlocks; Details thereof
    • EFIXED CONSTRUCTIONS
    • E05LOCKS; KEYS; WINDOW OR DOOR FITTINGS; SAFES
    • E05BLOCKS; ACCESSORIES THEREFOR; HANDCUFFS
    • E05B73/00Devices for locking portable objects against unauthorised removal; Miscellaneous locking devices
    • E05B73/0017Anti-theft devices, e.g. tags or monitors, fixed to articles, e.g. clothes, and to be removed at the check-out of shops
    • EFIXED CONSTRUCTIONS
    • E05LOCKS; KEYS; WINDOW OR DOOR FITTINGS; SAFES
    • E05BLOCKS; ACCESSORIES THEREFOR; HANDCUFFS
    • E05B73/00Devices for locking portable objects against unauthorised removal; Miscellaneous locking devices
    • E05B73/0017Anti-theft devices, e.g. tags or monitors, fixed to articles, e.g. clothes, and to be removed at the check-out of shops
    • E05B73/0023Containers, boxes, cases or the like, e.g. for compact discs or video-cassettes, specially adapted therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/27Individual registration on entry or exit involving the use of a pass with central registration
    • GPHYSICS
    • G08SIGNALLING
    • G08BSIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
    • G08B13/00Burglar, theft or intruder alarms
    • G08B13/02Mechanical actuation
    • G08B13/14Mechanical actuation by lifting or attempted removal of hand-portable articles
    • EFIXED CONSTRUCTIONS
    • E05LOCKS; KEYS; WINDOW OR DOOR FITTINGS; SAFES
    • E05BLOCKS; ACCESSORIES THEREFOR; HANDCUFFS
    • E05B47/00Operating or controlling locks or other fastening devices by electric or magnetic means
    • E05B2047/0094Mechanical aspects of remotely controlled locks
    • EFIXED CONSTRUCTIONS
    • E05LOCKS; KEYS; WINDOW OR DOOR FITTINGS; SAFES
    • E05BLOCKS; ACCESSORIES THEREFOR; HANDCUFFS
    • E05B47/00Operating or controlling locks or other fastening devices by electric or magnetic means
    • E05B47/06Controlling mechanically-operated bolts by electro-magnetically-operated detents
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00388Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks code verification carried out according to the challenge/response method
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/0042Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00634Power supply for the lock
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00857Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • G07C2009/00865Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed remotely by wireless communication
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00896Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles

Definitions

  • This invention relates generally to security systems and more particularly to locks, locking systems and methods for protecting items via locks and for providing access control via locks.
  • EAS tags Electronic article surveillance
  • RFK radio frequency identification
  • Some types of EAS tags comprise a sticker or label including a deactivatable resonant circuit which, if not deactivated when the tagged item is paid for and checked out, will cause an alarm signal to be produced when the item bearing the tag is brought past an antenna system at the exit of the store. Deactivation of many types of EAS tags is typically accomplished by the application of a high voltage signal to the tag's resonant circuit at the checkout counter to prevent it from resonating in the field of the antenna system.
  • EAS tags may be in the form of what are called "hard tags.”
  • a hard tag can be thought of as being closely related to a lock since it basically comprises a device which is releasably secured onto the item to be protected, so that it is resistant to removal, and which includes means that will produce an alarm when the tag is brought past the antenna system at the exit of the store if the tag has not be removed from the item.
  • Hard tags typically include a plastic housing made up of two cooperating housing components which together form an actuatable locking mechanism.
  • one component contains a pin and the other component a magnetically operated, spring loaded ball clutch. The pin of the one component is arranged to be pressed through a portion of the item to be protected and inserted into the clutch of the other component.
  • the clutch is arranged to hold the pin until an externally applied magnetic force releases opens the clutch, thereby releasing the pin.
  • the unlocking of a magnetically actuated locking mechanism is typically accomplished by the check-out clerk bringing the hard tag to a location at the checkout counter where a powerful magnetic field is generated to release the clutch.
  • the hard tag can be removed from the item to be sold, so that when the item is carried past the antenna system at the exit of the store, there is no tag on the item to set off an alarm.
  • Other devices for releasable (e.g., lockable) attachment to an item to be protected are so called “safers" and "spiders.”
  • One example of a safer is shown in copending United States Patent Application, S.N.
  • a "spider" basically comprises an alarm tag with one or more retractable cable lanyards by which it is affixed to merchandise to be protected. See for example United States Patent Nos.: 5,722,266 (Yeager et al.) and 5,794,464 (Yeager et al.).
  • EAS and RFID tag systems are particularly susceptible to avoidance by employees of the store, e.g., the employees may remove or otherwise disable the tag.
  • One particular avoidance scheme is known as "sweet-hearting."
  • sweet-hearting In the context of deactivatable EAS tags, such action can be accomplished by the checkout clerk deactivating the tag on an item, but not ringing up the sale on the register, so that the item can be taken from the store without producing an alarm.
  • sweet-hearting can be accomplished by the check-out clerk placing the hard tag within the magnetic field to release the clutch and thereby enable the tag to be removed, but not ringing up the sale.
  • authenticated detachment systems To minimize the chances of sweet-hearting of items to be protected with hard tags, so-called “authenticated detachment” systems have been proposed.
  • One type of system is that disclosed in U.S. Patent No. 7,242,304 (Clancy, et al.), entitled System and Method for Authenticated Detachment of Product Tags, which is assigned to the same assignee as this invention and whose disclosure is incorporated by reference herein.
  • Such authenticated detachment systems basically comprise hard tags including an RFID circuit.
  • the magnetic detacher i.e., the device that magnetically releases the ball clutch of the tag, includes an RFID reader.
  • Such a system can be operated so that it will only permit the detacher to release the tag (or prevent the system from setting off an alarm if the tag remains on the item) if the tag is read into the register or the store's computer system.
  • Avoidance of tag detection systems can also be achieved by use of various types of anti- detection devices, depending upon the type of security tag used. For example, if the tag is in the form of a label or sticker including a resonant circuit, some thieves may make use of metal-foil- lined bags into which the tagged pilfered merchandise can be placed so that the electronic system for detecting the tag is unable to do so. If the tag is a hard tag, some thieves may make use of a powerful magnet which they carry to release the clutch mechanism of the hard tag to permit them to remove the hard tag before they attempt to take the item out of the store.
  • Another commonly used technique used to protect items from theft is to lock particularly susceptible items, e.g., small, high- value items, in a pilfer-proof environment, e.g., in a cage or some other secure structure within the retail establishment.
  • a locked environment has some advantages from a security standpoint to reduce theft, it has various disadvantages from a merchandising standpoint.
  • the use of a locked, restricted environment may impede the sales of the item by making it difficult for consumers to put their hands on the item to examine it.
  • the use of locked environment for items to be sold presents various complications and concomitant problems resulting from the inherent need for keys, particularly physical keys, to unlock the secure environment(s) where the items are held. The same holds true for items to be protected during transportation, e.g., by truck containers from the warehouse to the retail establishments.
  • 6,957,767 there is disclosed a mailbox equipped with an RFED reader that is arranged to be powered by a battery or by an electrical line connected to the mailbox.
  • An RFID tag is also provided to continuously transmit a signal which contains an RF identifier. Upon receipt of that signal the RFID reader compares the RF identifier in the signal to an RF identifier assigned to the mailbox. If a match is established, the mailbox is unlocked and access is permitted.
  • the signal transmitted may be encrypted for security. See also, Published United States Patent Application US2005/0156752 Al (Finkenzeller et al.) which discloses as system making use of transponder to send a wireless signal to a device that is arranged to control the opening of a door.
  • That device includes a small battery to power it.
  • the device unlocks the door. While the forgoing lock systems may appear generally suitable for their stated purposes, they require on-board power, e.g., a battery, for the unlocking device to operate, a less than optimal solution.
  • EAC electronic access control
  • Various intelligent locks exist which are meant either to enhance the security of physical locking devices, such as vaults, to avoid costly re- keying of conventional pin-tumbler or replaceable core locks, or to achieve rapid electronic reporting and control of privileges.
  • These systems use relatively low cost identification cards as keys and relatively expensive card reader and lock controllers. While flexible and powerful, due to cost these systems are inappropriate for ubiquitous lock deployments. Where there are to be many locks and few keys, conventional EAC, intelligent lock, and RPID systems are not economically feasible.
  • lock formats including, at one extreme, strong, fixed lock devices as may be found on vaults or entrance doorways, and, at the other extreme, small, inexpensive, and possibly disposable formats which are portable and not normally connected to either power sources or communications networks.
  • the shortcomings of prior systems for managing controlled access to merchandise, facilities, and controls are overcome in the present invention by a variety of means.
  • the invention provides a system which is very low in cost both to deploy and to maintain. At the same time, it provides automated monitoring and control of all access activities. It does so without compromising security, and in a way which allows unprecedented cooperation of various parties in the management of locked goods.
  • a lock system comprising: a remote actuating key device which comprises a portable member arranged to wirelessly transmit at least one radio frequency signal; a passive lock device which comprises an actuatable trigger mechanism coupled to a control circuit, and wherein the control circuit is adapted to receive the at least one radio frequency signal for electrically powering the control circuit; and for determining if the signal is appropriate to unlock the lock device.
  • the control circuit also generates a trigger signal if the signal is determined to be appropriate, wherein the trigger signal is received by the trigger mechanism which activates the trigger mechanism to enable the lock device to be unlocked; and a computer network, wherein the computer network and the key device are adapted to communicate via a wireless communications connection (e.g., messages may be relayed by the key device between the lock device and the computer network).
  • a wireless communications connection e.g., messages may be relayed by the key device between the lock device and the computer network.
  • a method of protecting a structure by use of a lock system comprising: (a) coupling a passive lock device to a structure for protecting the structure; (b) wirelessly transmitting at least one radio frequency signal from a remote actuating key device which includes a portable member; (c) receiving the at least one radio frequency signal by a control circuit of the passive lock device for electrically powering the control circuit; (c) determining, by the control circuit, if the at least one radio frequency signal is appropriate to unlock the passive lock device, and generating a trigger signal, by the control circuit, for receipt by an actuatable trigger mechanism coupled to the control circuit if the at least one radio frequency signal is determined appropriate and not generating the trigger signal if the at least one radio frequency signal is determined not appropriate by the control circuit; (e) enabling the lock device to be unlocked by the trigger mechanism when the trigger signal is received by the trigger mechanism; and (f) communicating, by the remote actuating key device, with a computer network via a wireless communication network (e.g., messages may be relayed
  • access to the key device and lock device may be controlled through a variety of means including the execution of internal algorithms by the key device or lock device, input from the user of the key device, communications between the key device and the computer network, or combinations thereof.
  • Fig. 1 is a schematic view of one exemplary embodiment of a locking system constructed in accordance with the subject invention
  • Fig. 1 A is a functional diagram of the lock shown in the exemplary embodiment of Fig. l;
  • Fig. IB is a functional diagram of the electronic key shown in the exemplary embodiment of Fig. 1 ;
  • Fig. 1C is a block diagram of an exemplary "smart card" core module that forms a portion of the on-board electronics for the electronic key and for the lock shown in the exemplary embodiment of Fig. 1 ;
  • Fig. 2 is an exploded view of a hard tag forming a part of an exemplary locking system, like that of Fig. 1, shown protecting a garment from theft;
  • Fig. 3 is an isometric view of a safer forming a part of an exemplary locking system, like that of Fig. 1 , shown protecting a CD or DVD from theft;
  • Fig.4 is a block diagram of various devices which may make use of the subject invention and showing various structures (static and portable/movable) for which the locking system of the invention can be used;
  • Fig. 4A is a block diagram of various devices which may make use of the subject invention and showing various controls (discrete setting, i.e., bi-state or poly-state; continuous setting; or data flow control) for which the locking system of the invention can be used.
  • various controls discrete setting, i.e., bi-state or poly-state; continuous setting; or data flow control
  • Fig. 5 is a schematic representation of an exemplary embodiment of an access privilege control system constructed in accordance with one aspect of this invention and depicting the elements that may be involved in deploying the system in a retail facility;
  • Fig. 6 is an illustration of an exemplary embodiment of the key device;
  • Fig. 7 is a schematic representation of an exemplary embodiment of an access control system constructed in accordance with another aspect of the subject invention as implemented jointly with a prior art electronic access control system;
  • Fig. 8 is a schematic representation of an exemplary embodiment of the subject invention which uses a cellular telephony network to achieve ubiquitous deployment of intelligent locks by consumers;
  • Fig.9 is a schematic representation of an exemplary embodiment of the subject invention in the form of a process for dynamically controlling user operation of key devices;
  • Fig. 10 is a schematic representation of an exemplary embodiment of the subject invention in the form of a process for dynamically controlling lock device and key device interactions
  • Fig. 11 is a schematic representation of an exemplary embodiment of the subject invention in the form of a process for dynamically controlling the relocking of a lock device opened by a user of a key device;
  • Fig. 12 is a table representing an exemplary embodiment of the subject invention depicting access credentials of lock devices and of key devices as may occur in a retail facility.
  • the invention involves a lock device and a key device. Several optional configurations of each are described below.
  • the invention includes other devices in communication with key devices and/or each over network connections. The other devices perform a variety of functions alone or in combination with each other or in combination with the lock device and the key device as will be described below.
  • key device refers to a portable member by which its holder may gain access to a lock device.
  • a key device performs a function equivalent to an ordinary mechanical key that a person would carry to manipulate the lock on the front door of their home.
  • a key device is a personal, portable way to demonstrate to the satisfaction of a lock device that the holder of the key device possesses sufficient authority to actuate the lock device.
  • the key device of this invention is not a simple mechanical key. It is rather primarily an electronic device. Normally it is self-powered, as by a rechargeable battery. It contains electronic means of communicating with a lock device, and may contain separate means for communication with a network. It is advantageous in many circumstances that both communication channels of the key device be wireless communication channels. Key devices could be small, single-purpose devices in the form of wands, watches, bracelets, pendants, placards, key fobs, or other easily carried items. Key devices could also include more complex user interfaces to resemble remote control devices.
  • a key device could further be incorporated into a more sophisticated personal computing or communication device such as a cellular telephone, personal digital assistant, pager, laptop computer, or the like. Key devices could even been built into, or attached to, permanent fixtures or vehicles. However, they preferably take the form of a portable member that may be carried by an individual and applied wherever that user sees fit to do so.
  • lock device refers to a lock which is arranged to communicate with a key device.
  • a lock device contains at a minimum one communication channel to receive information from, or conduct a dialogue with, a key device.
  • the lock device may be arranged to function like an ordinary portable mechanical padlock having a robust housing and a bar which, when locked, cannot be dislodged from the housing.
  • the lock device may alternatively be fixed onto a structure, e.g., in the manner of a door lock.
  • the lock device may also alternatively be arranged as a secure control device, whereby actuation by a key device changes either the state of an electrical switch, such as a vehicle ignition, or changes an electrical or pneumatic control level, e.g., in the manner of a light dimmer switch or hot water valve respectively.
  • an electrical switch such as a vehicle ignition
  • an electrical or pneumatic control level e.g., in the manner of a light dimmer switch or hot water valve respectively.
  • the lock device is preferably arranged to receive at least one signal from the key device wirelessly, e.g., at radio frequency.
  • the lock device comprises an actuatable trigger mechanism, and a control circuit.
  • the trigger mechanism when actuated, enables either the mechanical interlock to be opened or the control device to be operated.
  • the control circuit is adapted to receive the at least one radio frequency signal from the portable member for electrically powering the control circuit.
  • the control circuit is also arranged to determine if the at least one radio frequency signal is appropriate, whereupon the control circuit produces a trigger signal.
  • the trigger mechanism is coupled to the control circuit and is responsive to the trigger signal to enable the mechanical interlock to be opened or the control device to be operated.
  • a protection system comprising a lock system and a structure, e.g., a static structure or portable/movable structure, such as a container for holding one or more plural items, to be protected by a lock device.
  • the lock system is preferably constructed as set forth above.
  • a method for protecting a structure e.g., static or portable/movable
  • the method basically entails providing a lock system that is preferably constructed as set forth above and coupling that system to the structure to be protected.
  • the lock device of the invention does not require any additional connection or communications channel. Instead, optionally in a preferred embodiment, all needed power and communication transmission can come through the key device.
  • Much of the cost of deploying traditional EAC systems is in the labor to run power and data wires to EAC badge readers.
  • Wireless badge readers trade wireless hardware costs for data wiring, but still require power wiring, large batteries, or manual operation. It is even preferable, but not necessary, that the lock device should contain no battery, since batteries are a source of potential failure and often require routine maintenance.
  • a fundamental aspect of any access control system is how the use, misuse, and / or abuse of lock devices and key devices may be monitored.
  • the present invention provides a method for achieving recording of key device events. This includes proper uses, as when a holder of a key device presents the key device to a lock device that the holder is authorized to access. It also includes improper uses, as when a holder attempts to access an unauthorized lock device. Since the lock device is not normally connected to a network, this reporting may instead be done through a key device which is connected to a network. Thus, automated visibility of key use and abuse may be achieved without a direct connection of the lock device to a network. This may happen at the time of the event. Alternatively, the data may be buffered for transmission at some later time. For security purposes, it is desirable that, in either case, this transmission should occur without requiring the consent of the key holder.
  • the alteration can be accomplished either through methods for the management of the key device or through methods for management of the dialogue between the lock device and the key device.
  • the key device could require a fixed password from a user.
  • a holder of a key device could be assigned a personal identification number (PIN) that will enable the key device. If the holder does not know the PIN, the key device will refuse to communicate with lock devices, but may report the failed activation attempt to the network.
  • PIN personal identification number
  • the key device could automatically permute the required password periodically.
  • the password that worked for the first seven days will not work thereafter. This may be achieved by the key device itself, and not require any network connection. To use the key device, the user must acquire a new password periodically.
  • a key device might be enabled or disabled by the issuance of a command from the network to the key.
  • a command might be the result of an automatic operation or a user action.
  • this could involve a dialogue with the network, i.e., a user may be prompted for a password that is known to the network but not necessarily to the key device itself.
  • a key device might be arranged to enable or disable itself in accordance with an internally programmed set of rules including such factors as the provenance of the key device. For instance, if a key is used improperly a certain number of times, or in combination with certain other lock devices or key devices, it may determine independent of the volition of its user that it must cease functioning. Of course, a large variety of permutations of all these four basic key management methods are possible.
  • each lock device could have a fixed password as is taught in the prior art. Only key devices presenting correct the password could operate each lock device.
  • the dialogue between the lock device and the key device could further involve communication with a network.
  • the key device which preferably is arranged to communicate with a network may, while in communication with a lock device, make inquiries of other network connected devices in order to obtain information necessary to satisfy the lock device of the authority of the key device to actuate the lock device.
  • the key device could provide the lock device with a channel by which the lock device may communicate with the network. This is distinguished from the first form in that the key device does not receive or act upon the information transmitted through it between the lock device and the network other than to relay it between the other two devices. In practice this would be analogous to a human guard confronting an unfamiliar person at the entry gate to a facility.
  • the guard may be able to verify that the person has presented proper credentials, but still not know whether the person is to be properly allowed access. To find out, the guard places a call to a central authority and discusses the situation. Together, the guard and the central authority arrive at a consensus decision on whether to allow access. To extend the metaphor, imagine that the guard has no telephone of his own, but must borrow the cell phone of the unfamiliar person to place the call to the central authority. The guard may have to go through elaborate procedures to insure that he has obtained a secure connection to the legitimate central authority, but such encryption and/or authentication methods are known. Similarly, the lock device of the invention can communicate to the network through a channel provided by key device. The lock device can use that communication to determine whether the key device is then to granted access.
  • the lock device could permute its required password periodically. Just as with the key device, there is no reason for the password of the lock device to be fixed. Nor would it be necessary for it to be changed manually.
  • the key device When the lock password changes, to operate the lock device, the key device must acquire a new password.
  • the algorithm by which the lock device selects its new password is preferably obscure to the key device, forcing the key device to be in contact with the network to obtain, if permitted, the new password.
  • the lock device may contain a fixed matrix of access privilege conditions. For example, the lock device may require that a certain key device provide certain access codes on certain dates. Assume that the matrix is not stored in the key device. After some time, only key devices which are authorized to communicate with the network would be able to receive the needed code to access the lock device.
  • Such a matrix could embody a set of rules for the proper access privileges of key devices to actuate the lock device base on the provenance of either the lock device or the key device, e.g. who last actuated the lock, where the key was last used, etc.
  • the lock device could contain complex algorithms for the generation of new access codes in response to any number of conditions. Such a state machine would be analogous to other cryptographic systems. Here disablement of the privileges of the key device could be achieved by simply withholding from the key device some element of the algorithm or code sequence necessary to respond to a cipher generated request.
  • Locks devices may be affixed to secure parcels, such as shipping totes and luggage, which are exchanged between facilities and indeed between organizations. Keys devices may travel with individuals dealing with plural organizations. An example of this would be a delivery person for a brand of consumer product goods who travels from store to store to replenish merchandise. It is not new that lock devices may be shipped. What is new are the features of those lock devices which now allow controlling authorities to securely manage the virtual distribution of the access privileges to key devices previously distributed.
  • the invention provides, among other advantages, easy automatic management of key privileges, and easy physical exchange of lock devices among facilities. Significantly, no network or power infrastructure or connection is necessary for the lock devices. Further, no labor is required, and hence no willful cooperation of users is required, to obtain information about the use or attempted use of key devices.
  • Fig. 5 a universal lock system 21 constructed in accordance with one exemplary embodiment of this invention.
  • universal it is meant a system which may include a variety of formats of lock devices all compatible with an associated variety of key devices.
  • the lock device is depicted as a low cost, robust, strong, portable lock device 22.
  • the key device 24 is a remote, electronically-operative, hand-held member for actuating the lock device 22. In most cases by “actuating” it is meant either locking or unlocking the lock device 22.
  • a user 132 uses the key device 24 to actuate the lock device 22 via a wireless communication channel 122.
  • the key device 24 communicates separately to a local database 140 over a wireless network 134 through a wireless hub 138 and the hub's network connection 184.
  • the privileges of the key user 132 may be set by a manager 144 through a terminal 142 via a network connection 183 to the database 140.
  • Key users may acquire their key devices at an optional registration station 130 which is optionally connected 180 to the database 140.
  • Events reported by the key device 24 and other information entered by the manager 144 may be shared with a remote database 160 via a wide area network 150, such as the Internet, and network connections 185 and 181.
  • the investigator 164 may disable or alter any or all access privileges, such as to a specific lock device 22, a specific key device 24, a specific user 132, or even a manager 144 or a terminal 142.
  • the lock device 22 and key device 24, can, of course, take many forms, as can many other elements of the system, as well as the configuration of the system. To understand these options, below follows in turn discussions of : the key device, how the key device may be managed, the lock device, basic interaction of the lock device and the key device, more advanced options for this interaction, and finally other options for the configuration of the lock device, key device, and the system. Thereafter are descriptions of derivative applications of these configurations.
  • the locking system 20 of the subject invention consists of a lock device 22 and a key device 24.
  • These electronic devices may incorporate a variety of optional aspects. At all times they incorporate the means to communicate with each other, normally bi-directionally.
  • the key device may work in concert with a variety of other devices within a facility.
  • the lock device normally works in concert only with the key device and the object which it is controlling or securing.
  • the key device 24 can take a variety of forms, hi the interests of drawing simplicity, an exemplary key device 24 is shown in Fig. IB.
  • the exemplary key device 24 comprises a housing 36 which contains the on-board electronics 38, a first antenna 40, a keypad/display 43, a power source 45, a second antenna 47, and a plurality of indicators 53 (four of which are shown in Fig. 1, two of which are shown in Fig. IB, and three of which are shown in Fig. 6.)
  • the power source 45 may comprise a battery (e.g., large NiCad battery), which may also be rechargeable, for powering the key' s on-board electronics and indicators.
  • the battery 45 also provides the electrical power Pl that is transmitted to power the lock device 22.
  • the power Pl may be wirelessly transmitted to the lock device 22. It need not be conducted electrical power.
  • the power Pl could be in the form of electromagnetic radiation such as light, a magnetic field, or microwaves, etc. It may also be ultrasonic power.
  • the key device 24 includes some means for producing the alternative wireless power signal and the lock includes some means to convert the alternative wireless power signal into an electrical signal for use by the lock device's electrical circuitry.
  • the antenna element 40 transmits both a power signal Pl and a data signal S 1 to the lock device 22.
  • the content of the communication with the lock device is managed by an encryption core 49.
  • the key device also contains a CPU (central processing unit) 51.
  • the CPU manages dialogue with the user through optional input devices 43 and output devices 53.
  • the CPU typically also manages the optional network communication channel via an antenna 47.
  • the key device preferably transmits information regarding its usage to a central database its equivalent (e.g., item 140 in FIG. 5.)
  • a portion of the data on at least one communication channel is encrypted.
  • Preferably all communications among lock devices, key devices, local databases, and remote databases would be secured by encryption.
  • the communication between the electronic key and the computer system can be other than wirelessly, e.g., it can be by hardwired network connection, an infrared link, or by physical connection to a port on the computer network, etc.
  • the keypad/display 43 comprises any conventional input/output (UO) device that a user can read and manipulate in order to respond to the interrogation/communication that is initiated between the electronic key device 24 and the lock device 22.
  • a plurality of indicators 53 e.g., light emitting diodes, or LEDs
  • the encryption core 39 and the CPU 51 cooperate to generate encoded data signals, based in part on user inputs from the keypad/display 43, in order to provide the wireless data signal S 1 in response to inquiries from the lock device 22.
  • the core 39 and CPU 51 also provide decryption functions for signals received from the lock's on-board electronics 32.
  • the first antenna 40 is electrically coupled to the encryption core 49.
  • an exemplary core module 49 for use by the key electronics 38 is similar, although perhaps not identical, to the one depicted in Fig. 1C.
  • the on-board circuitry 38 of the key device serves as a transceiver to send control and data signals S 1 to the lock device 22 and to receive electrical signals from the lock device 22.
  • the antenna 40 is provided as part of the transceiver. It should be pointed out at this juncture that the signals S 1 that are sent by the transceiver's antenna 40 to the lock device 22 can also be used to power the on-board circuitry 32 of the lock device 22 in addition to providing that circuitry 32 with the data and control information, so in that case an independent power signal Pl would not be needed.
  • Fig. 6 depicts the exterior of a key device 24 of the subject invention as a user might view it.
  • the antenna 40 for communication with the lock device 22 is shown protruding from the housing 36.
  • the user interface is shown as consisting of a keypad 43 and a set of LEDs 53.
  • Fig. 6 shows an optional card reader 62 by which a user identification card 61 may be read or written to. Such a card may be useful for identification purposes to activate the key device 24 or for the transfer of data to or from the key device 24.
  • the key device is also arranged to wirelessly communicate with any computer system of a business, such as a cash register, the inventory management and control system, etc. Referring to Fig. 5, the key device
  • the key device 24 is preferably connected by some path to a central database 140 controlling the use of key devices within the facility.
  • the key device could be isolated and communicate only with lock devices. Alternatively, it could communicate with only one additional specialty device, such as, for example, the cash register.
  • the invention provides a variety of mechanisms whereby a simple, intuitive, and optionally automatic key device management regime may be achieved.
  • the management of key devices includes the ways in which keys are enabled and disabled, and the ways that that the uses of keys are monitored.
  • the key device is enabled only upon the presentation of acceptable credentials to either the key device or to a local or remote database.
  • the ability of the key device to communicate with lock devices can be disabled permanently or temporarily pending submission of acceptable credentials. This could be accomplished by disabling the communication channel by which the key device communicates with lock devices. Alternatively, disablement may be achieved by withholding the release of certain data items which are essential for obtaining responses from certain lock devices.
  • Fig. 9 is a schematic representation of an exemplary embodiment of the subject invention in the form of a process for dynamically controlling user operation of key devices.
  • the process 500 begins when the user makes an action indicating a request for access 502.
  • the key device makes a determination 504 whether or not it itself is authorized to proceed. Such authorizations may have time limits. If not, the key initiates a connection 506 to the local database which in turn decides whether to authorize the key 508.
  • the local database normally holds a record of this decision either way. In the case that access is denied, it may make an immediate report of the event to a remote database 510.
  • the key device decides separately whether the user of the key is currently authorized 512.
  • a key device may be required to re-authorize by contacting the local database every day, every hour, or even every minute.
  • a user may be required to re-authorize, for example, if ten minutes have elapsed since the last use, or every ten uses, or whenever the key loses connection with the local database.
  • the key device may prompt the user to enter pass code 514. The user then enters the code 516, which is verified by the key device 518. Failing codes may be reported 510 immediately to the local database, the remote database, or both.
  • further processing may proceed to engage the lock device in a dialogue 520.
  • the key device is automatically disabled periodically for added security. Such disablement can take place simply due to the passage of time. This disablement could be effected by either the receipt of a command from the network, or by an internal timing process within the key device.
  • disablement of the key device may be triggered by other factors.
  • the first database is arranged to disable the key upon a condition selected from the group consisting of: a command from a local or remote database; a command from a user of a local or remote database; a command from the lock; and an automatic limit threshold.
  • the disablement could be triggered by automatic or manual methods. Non-limiting examples of manual methods include database user commands.
  • Non-limiting examples of automatic methods include a high security lock issuing a command to disable a low authority key device that is improperly presented, and alternative a database system process which issues a disablement command in response to the user of the key achieving an abnormal or proscribed level or type of use.
  • the details (e.g., time, date, user, result, etc.) of this interaction be recorded.
  • this may be achieved by having the key device 24 automatically transmit such data to a remotely-located receiver 138 which communicates in turn with a database 140.
  • This creates a trail of forensic quality data.
  • this data can be used defensibly as a basis for making human resources decisions such as, but not limited to, discipline, dismissal, payment of bonuses, or promotion, as may be appropriate.
  • the network communication channel of the key device 24 may be implemented as IEEE 802.11 protocol variants or similar interface. This may require that a special applications and communications processor 51 and antenna 47 be included in the key device 24. These are separate from, and in addition to, the core processor 49 which communicate with the lock device 22 via the lock interface antenna 40.
  • real time is understood to mean sufficiently concurrent with an event to allow dispatch of potentially effective countermeasures to minimize potential economic losses due to the event. For example, sounding an alarm or securing a perimeter when a lock has been forced would be considered a real-time response to the thief attempting to leave the scene with the stolen goods.
  • this transmission should occur independently of the volition of the user of the key device.
  • Fig. IA depicts an exemplary lock device 22 performing the familiar function of an ordinary padlock.
  • the circuitry 32 is preferably programmable to enable the lock device 22 to be used for numerous applications such as those shown in Fig. 4 and Fig. 4A.
  • the lock device 22 basically consists of three sections: a key interface, a mechanical interlock, and an electromechanical interface.
  • the key interface of the lock device 22 consists of a wireless interface antenna 42 and a wireless communication processor 39.
  • the mechanical interlock consists of a housing 26, a bar 28 with a notch 33, and a latch 30.
  • the electromechanical interface consists of an energy storage device 37, a trigger mechanism 34 possibly comprising a trigger control 35 and a trigger
  • the key interface of the exemplary lock device 22 operates as follows.
  • the key device 24 communicates data to the lock device 22 via a wireless data signal Sl.
  • the data signal S 1 preferably comprises radio frequency (RF) signals in the range of approximately lOOkHz to ⁇ GHz.
  • RF radio frequency
  • the data signal S 1 preferably comprises radio frequency (RF) signals in the range of approximately lOOkHz to ⁇ GHz.
  • RF radio frequency
  • Lower frequency magnetic mode coupling antennae can reduce the susceptibility of the transmissions between key devices and lock devices to being intercepted.
  • the data signal S 1 is received by a pickup antenna 42, which here is depicted as a winding about a core, but could take many forms.
  • the signal is then interpreted by the wireless communication processor 39.
  • the data interface may be bidirectional, in which case the communication processor 39 also synthesizes responses to data signals received from the key device.
  • the key device 24 also provides a power signal Pl wirelessly.
  • the lock device 22 is preferably a passive component, i.e., having no on-board power, but instead relies on power transmitted wirelessly to it from the electronic key device 24 or some other wireless transmitter.
  • the wireless data signal S 1 and wireless power signal Pl could either be separate signals or different aspects of a single signal.
  • P 1 could be the 13.56MHz carrier of an ISO 14443 signal
  • Sl be the data content of the same waveform.
  • Power to operate the circuitry 32 and electromechanical devices could be rectified by the communication processor 39 and store in energy storage device 37, which could take the form of a capacitor.
  • the lock device 22 could include a very long-lived power battery for powering all or a portion of the circuitry of the lock over a very long period of time (e.g., years), without necessitating battery replacement.
  • the power storage device 37 would comprise a battery.
  • Rules and data for determining under what circumstances the lock device will be operated by a key device can be stored in wireless communication processor 39 (Fig. IA). Such rules and data can be preprogrammed into the circuitry or changed "on-the-fly" (wirelessly transmitted to the circuitry).
  • Cryptographic and other electronic security features are preferably included in the lock, via its on-board circuitry 32.
  • the on-board circuitry 32 is preferably able to provide wireless signals back to the electronic key device 24 indicating its operating and usage parameters, e.g., when the lock was opened, by whom, and under what conditions; whether the lock is currently in a secure state, clarifications necessary to effect operation; etc.
  • This feature enables the lock device to be an integral part of a data collection system for keeping track of inventory, personnel, suppliers, etc. or as part of a mobile commerce system. It should be further noted that this time-date stamping and identity-of-user function of the electronic key device 24 provides a crucial feature of the present invention: eliminating undocumented use of the lock device 22. In other words, a person trusted or authorized to use the electronic key device 24 to open the lock device 22, may still choose to, or unknowingly, be part of an unauthorized act. The fact that the every key device-lock device interaction is recorded provides an important deterrent since the recordation of the key device-lock device interaction event automatically occurs.
  • the inquiry to the key device 24 user may be a personal question such as the maiden name of his/her mother.
  • the transmission of the data to the remotely-located receiver 138 and database 140 need not be accomplished via the second antenna of the key device 47.
  • the data may be transmitted by the antenna 40 of the key device or even the antenna 42 of the lock device.
  • the key device 24 may or the lock be brought to some location where its data can be downloaded via a hardwired connection for use by the remotely-located database 140.
  • the mechanical interlock of the exemplary lock device 22 of Fig. IA is analogous to that of an ordinary padlock. It should be pointed out at this juncture that locks can be constructed in accordance with this invention that are not of the padlock type.
  • This invention contemplates any type of lock which is arranged to be opened or unlocked either manually or, alternatively, automatically when an appropriate signal is received from the key. Further, this invention contemplates other devices which are manipulated by means of keys, such as electrical switches, electrical controls, and valve controls.
  • the exemplary lock device 22 includes a case or housing 26, a movable bar 28, and a latch 30.
  • the latch 30 can be of any suitable construction, hi the exemplary embodiment shown, the movable bar 28 is prevented from displacement away from the housing 26 due to the presence of the latch 30 in a cavity 33 in the bar 28.
  • the trigger mechanism 34 may comprise a spring loaded device, which stores potential energy when the bar is closed, i.e., the mechanical force applied to close the bar 28 so that it is locked is transferred to the trigger 31 where it is stored for later use (release) to unlock the bar 28 when triggered (as will be described later).
  • the trigger mechanism 34 may include electronic control of the latch 30 and, as such, may also comprise a trigger control 35 portion for controlling the trigger 31 to extend or withdraw the latch 30.
  • a conventional padlock basically comprises a housing, a movable bar (e.g., a U-shaped member) connected to the housing and which is arranged to be moved with respect to the housing between an open and closed position and vice versa, a tumbler mechanism which is located in the housing and constitutes the interpreter for the lock's key so that the lock "knows" which key to allow and which to deny, a trigger which responds to the tumbler mechanism sensing the appropriate key being in place and a latch coupled to the trigger to hold the bar securely in place (closed) until the latch is actuated by the trigger in response to the appropriate key cooperating with the tumbler mechanism.
  • the housing constitutes the case for the lock that keeps the latch, trigger, and tumblers free from tampering
  • the communication processor 39 comprises a function analogous to the tumblers of the padlock. It is arranged to determine whether the key device 24 with which it communicates should be allowed or denied access. Access in this example is the actuation of the trigger 31 to release the latch 30 and allow free motion of the bar 28. If the core communication processor 39 decides that the key should be allowed access, the electromechanical interface converts that electronic decision into physical action.
  • the communication processor 39 can be realized as a "smart card” core module.
  • Fig. 1C depicts an exemplary "smart card” core module 39 and, by way of example only, this may be implemented using a Philips Semiconductor P5CT072 Secure Triple Interface PKI Smart Card Controller, or any other suitable electronic circuit. Referring again to Fig.
  • the core module 39 in the lock electronics 32 comprises memory containing a plurality of passwords and other authenticating details which are pre-stored and that are used by the core module 39 to analyze the data received from RF signal from the electronic key device 24 in order to determine whether to activate the trigger control 35 or not.
  • the core module 39 generates encoded authenticity questions for the holder of the key 22 which, in turn, responds with encoded responses. Only if the lock electronics 32 are satisfied with the answer, will the core interface 41 activate the trigger control 35 to release the latch 30 and thereby the moveable bar 28.
  • Fig. IA depicts a core interface 41 which, if necessary, may serve as an internal input/output encoder/decoder to connect the core processor 39 with other electronics, sensors, or actuators within the lock device assembly.
  • the exemplary lock device 22 includes a trigger mechanism 34 that is arranged to be actuated by very low power.
  • the trigger mechanism 34 comprises a trigger control 35, a trigger 31 and the latch 30.
  • the trigger 31 is arranged to be responsive to an actuation or trigger signal (indicating that the lock should be opened) from the trigger control 35 to activate the trigger 31 to retract the latch 30 to enable the bar 28 of the lock device 22 to be opened.
  • the trigger control 35 emits the trigger signal to the trigger 31 only when the on-board electronics 32 is satisfied that an authorized person is using the key device 24 based on the communication occurring between the on-board lock electronics 32 and the onboard key electronics 38.
  • the latch 30 of the lock device 22 may comprise a spring loaded device. However, it can be of other constructions, each of which being arranged to store considerable mechanical energy in it and which is available for release when triggered by the trigger mechanism 34. This arrangement allows the lock to automatically open itself upon being triggered.
  • the latch 30 is coupled to the movable bar 28 so that when that bar is manually closed by a user, the mechanical force applied to close the bar applies energy to load the spring of the latch. That spring in turn stores the energy as potential energy available for release when the latch is triggered (actuated) by the trigger mechanism 34.
  • the latch 30 need not store sufficient energy to open the bar 28 by itself, but merely store enough energy to release the latch 30 so that the bar can be manually opened, e.g., the bar 28 pulled away from the housing 26 by a user.
  • the trigger mechanism 34 may include inductive actuation.
  • the trigger mechanism 34 is preferably arranged to be capable of operation with very low power. Moreover, and quite significantly, the trigger mechanism 34 should only operate in response to an appropriate actuation signal. Thus, it should be immune to spurious activation or triggering caused by external mechanical forces, such as shock, vibration, temperature change, etc., and/or external electromagnetic and other conditions, e.g., temperature changes, applied magnetic fields, etc.
  • Various types of trigger mechanisms 34 can be utilized in this invention providing that they are capable of operating in response to an electrical signal, e.g., they may constitute electrical to mechanical transducers.
  • the triggers may make use of artificial muscles, polymeric gel actuators and electroactive polymer transducers. Triggers based on piezo electric crystals, Hall Effect devices, and eddy current technologies may also be used. Examples of artificial muscle and polymeric actuators are found in United States Letters
  • lock devices are connected to the controlling network and thereby receive information about which key holders to admit and which to deny. While the lock devices of the subject invention may be installed in conjunction with locks of kind, the lock devices of the subject invention are preferably not connected directly to the controlling network.
  • a lock device should be unalterable after either its manufacture or its installation. While it is understood that access privileges could be stored in a lock device as they are in other access control scenarios, this would require maintenance of the lock data over time in the case that users must be added or removed from the list of those with authorization access. Therefore, it is preferred that a lock device be arranged to either: communicate with a network device through a channel provided by the key device to determine whether to operate; shift the code required of a key device to operate the lock device; contain a variety of criteria credentials that may be used at different times from different key devices to operate the lock device; or generate random or cipher interrogatories which a key device must answer satisfactorily to operate the lock device. Further details of each of these modes are provided below.
  • the first mode is the simplest method to prevent an unauthorized key device from gaining access to a lock device. All that is necessary is that the lock device to require a simple password or pass code from the key device. When a key device incorporates a user interface, even this simple process can comprise several steps.
  • Fig. 10 is a schematic representation of an exemplary embodiment of the subject invention in the form of a process 600 for dynamically controlling lock device and key device interactions.
  • the key device initiates dialogue 602 by connecting to the lock device and proffering access credentials.
  • the lock device decides whether to respond 604. On refusal, an improper access attempt may be reported 612. This reporting may occur immediately. A history of such events may be maintained additionally in either or both the lock device 22 and the key device 24.
  • the key device may require 606 the user to re-enter the user's pass code or a pass code specific to that lock device 607, in which case the key device will prompt the user 608 and record the pass code provided 610, and either the key device or lock device will determine whether the proper code has been entered. Again, all failed attempts may be reported as such 612.
  • the second mode involves dialogue with other devices on the control network through the network communication channel of the key device.
  • the lock device requires that the key provide proof that it is currently authorized by the network to access the lock.
  • This may either mean local network devices, such as a cash register or database system, or remote network devices, such as databases at remote facilities connected via telephony or the Internet.
  • the necessary secure communication may be achieved by means of either encryption or authentications which are known in the art.
  • the key device must relay the communication from the lock device to the networks, since the lock device preferably has no network connection of its own independent of the key device.
  • an exemplary embodiment of this process is depicted beginning at step 614.
  • the lock device determines whether the credential of the key device or the user of the key device is to be confirmed through dialogue with the local database.
  • the key device enables and optionally participates in a dialogue between the lock device and the local database 616.
  • the lock device decides whether this process terminates favorably for the user request 618.
  • the lock device may require confirmation of access credentials through dialogue with a remote database 620.
  • this initiates a process involving the lock device, the key, the remote database, and optionally the local database 622.
  • the lock device weighs the outcome of this process 624 and may then unlock 626, report the unlocking 628, and proceed to an optional relocking process 630.
  • the delivery person could carry a different key for each fixture on his route.
  • the delivery person could carry a single key device which is authorized by a remote database of the store chain headquarters.
  • the lock device can request that the key device allow the lock device to query the local database regarding the authority of the delivery person. If the local database is unaware of the credential status of the delivery person, it in turn could initiate a connection to the remote database to verify that the delivery person is authorized to gain access to certain fixtures in that store for the purpose of replenishing inventory.
  • a random key can be deployed to a random store where a random fixture has also been deployed. Together the lock device, the key device, and the network devices could construct the necessary records to make the appropriate access decision, and require no human intervention to do so.
  • a lock device may control access granted to key devices by shifting the codes required for entry.
  • the lock device shifts the code based on a trigger condition, such as, but not limited to, the passage of time, the number of times that the key device and the lock device have interacted, etc.
  • the third mode does not require that the lock device be in communication with the network via the key device.
  • the shifting of the code is done by the lock device independent of actions by the network.
  • the key device must be able to produce the new codes required by the lock device.
  • the key device may be arranged with the necessary information or computational tools to do this.
  • the key device may receive the new codes or elements necessary to generate the new codes from the network.
  • a lock device may control access granted to a number of key devices by way of a matrix of credentials and/or associated codes.
  • credentials include the serial number of the key, the identity of the current key user, the identity of the assigned key user (if not the same as the current key user), the assigned access authority level of the key, the institutional affiliation of the key, and the provenance of the key.
  • Non- limiting examples of such institutional affiliations of the key device include the institution by which the user of the key is employed, the institution for which the user of the key is assigned to work, the institution for which the key is assigned, the geographic region in which the key is assigned, a specific facility for which the key is assigned, a specific department for which the key is assigned, and a specific lock for which the key is assigned.
  • Fig. 12 is a table or matrix representing an exemplary embodiment of the subject invention depicting access credentials of lock devices and of key devices as may occur in a retail facility.
  • lock devices and key devices are provided with identities made up of brand, authority level, company, serial number, store number, department, PIN (personal identification number), work shift, provenance history, and provenance rules.
  • identities made up of brand, authority level, company, serial number, store number, department, PIN (personal identification number), work shift, provenance history, and provenance rules.
  • Such data, and associated codes or code algorithms may be stored in key devices, lock devices, and local or remote databases.
  • the lock device securing the cash drawer will permit access only to a key device which can demonstrate and/or authenticate the following: the security level of the key user is 3 or higher; the key device is assigned to store 1617; the key is assigned to an employee of Joe's Pharmacy; and the drawer is being accessed during shift 1 or 2 by an employee assigned to that shift.
  • the manager and the cashier would be able to open the cash drawer lock device using their key devices.
  • the retail service vendor (RSV) for SureTrim would not be able to open the cash drawer.
  • the SureTrim vendor can only access the lock device of the razor blades merchandising fixture.
  • Such a matrix is greatly advantageous for the ease of deployment of lock devices and key devices, and for the management of access privileges. Rather than maintaining a central record of all serial numbers across all institutions, access information can then be distributed.
  • the exemplary SureTrim Company has no need to know about the access privileges granted inside store to the manager and the cashier. SureTrim can simply provide the fixture to the store pre-configure to allow access, for example, to all authenticated employees of SureTrim. If desired the system may be also configured to allow store managers to access the fixture.
  • matrix access mode is most powerful when used in combination with other modes, i.e., those described above and those described below.
  • a lock device may control access granted to a key device by way of an algorithm for the computation of codes based on one or more conditions and/or pseudorandom number generation.
  • a state machine would be analogous to historic cryptographic systems such as the famed Enigma cipher device of early 20th century.
  • the code required to gain entry to the lock device shifts dynamically, either in response to new data being presented by the key, or simply by the advancement of a comprised state machine.
  • step 604 a lock device operating in this mode could require that the greeting provided by a key device in step 602 contain such a situationally generated code.
  • the lock device could prompt the key device to provide it after receipt of an accepted greeting, much in the way that steps 606 and 607 show such a request being made of the user of the key device.
  • the lock device could generate challenges for the key device in conjunction with network devices to which it communicate through a secure, encrypted, and/or authenticated channel provided by the key device.
  • the key device could similarly generate responses to the lock devices cipher challenges in conjunction with the same or other network device with which it is in communication.
  • the first is the added defense against lock device tampering through electronic eavesdropping. Knowing the password which previously worked is here of no avail. To gain access to such a lock device requires that a key device be able to generate the next, different password that will be required. To do that, the key system must comprise an identical cipher state machine apparatus and hold the identical state machine settings.
  • a lock device may be programmed to cease communicating whatsoever after a certain number of bad access attempts.
  • the decision whether to accept or deny an access request is based at least in part upon the provenance of the lock.
  • One of the most striking problems in key management comes in multiple parties and multiple facilities handling of locked goods. Consider the luggage of passenger air travelers. Travelers would prefer that such luggage be locked to prevent tampering by airline employees, fellow travelers, or passersby.
  • a lock device could be programmed with provenance rule, i.e., a sequence of circumstances in which access may be granted. Such a rule would enable the lock device itself to enforce that proper procedures be followed by various parties having temporary custody of an item in transit.
  • a luggage lock device could be programmed such that it always opens at the request of the owner of the bag, and that the owner may set the status of the lock to "flight secured” by issuing a special command from a key device. Once the status is set to "flight secured” the lock may not be opened by a transportation safety inspector or customs officer until the lock device has been checked in by, but not opened by, a passenger airline luggage agent.
  • the lock device could be further programmed to open only once for each a transportation safety agent and a customs officer.
  • the bag may thus be protected against being opened again by anyone other than the passenger until next set again to "flight secured” by the passenger.
  • the decision whether to accept or deny an access request is based at least in part upon the provenance of the key.
  • the access privileges of a lock may be altered by the sequence of events to which it is subjected, so may the access privileges of a key.
  • Such rules may be contained in the programming of the key and thus be independent of the network with which the key device communicates. Applications of this embodiment could include single-use keys.
  • the key device 24 may take various forms. Referring to Fig. 4, the key device 24 can be a stand-alone unit. Such a dedicated component could be worn by a person on his/her wrist, or suspended from the person's neck by a lanyard, or on a card that can be carried in a wallet or purse, etc.
  • the key device 24 could also be part of any key bearing device.
  • the desired features may be incorporate into any suitable member, such as a cellular telephone, personal digital assistant (PDA), hand-held or laptop computer, or other device carried by a user.
  • PDA personal digital assistant
  • hand-held or laptop computer or other device carried by a user.
  • the key device could be attached to or incorporated into or attached to a vehicle, workstation, or other piece of equipment.
  • lock devices can take many forms.
  • the portability of the lock device 22 enables it to be used anywhere and then readily moved to another location for use thereat.
  • the system 20 is ideally suited to protect items from theft as it travels throughout the supply chain.
  • the system 20 can be used to form a relatively low cost access control system, since the lock devices to restrict access to an area need not be built (e.g. wired for power or data) into the structure housing the restricted area.
  • the system 20 can also form a portion of a mobile commerce system, i.e. used for remote security of items.
  • lock devices take the form of physical locks on static structures.
  • lock devices take the form of control interlocks, whereby the presentation of an authorized key device is necessary to change the state or setting of control device.
  • the secured interlock is a mechanical locking mechanism inhibiting free motion of a physical member.
  • lock devices can take the form of portable product protection items such as, but not limited to, hard tags, safers, spiders, boxes, cases, logistics totes, containers, vehicles, vehicle bodies, and other such structures. Examples include a secure parcel, a secure waste container, and a secure medical sample container.
  • portable product protection items such as, but not limited to, hard tags, safers, spiders, boxes, cases, logistics totes, containers, vehicles, vehicle bodies, and other such structures. Examples include a secure parcel, a secure waste container, and a secure medical sample container.
  • the system 20 can be incorporated at every stage of retail or other supply chains.
  • a hard tag 100 making use of a lock (not shown) constructed in accordance with this invention for protecting an article of merchandise, e.g., a garment, from theft.
  • the hard tag 100 is similar in construction to that disclosed in U.S. Patent No. 7,183,917 (Piccoli, et al.), entitled EAS/RFID Identification Hard Tags, which is assigned to the same assignee as this invention and whose disclosure is incorporated by reference herein.
  • the hard tag 100 basically comprises two interlocking components 102 and 104 which include a lock constructed in accordance with the teachings of this invention.
  • the component 102 includes a pin 106 that is arranged to pierce through the article to be protected, e.g., a garment G.
  • the component 104 houses the lock of this invention and in particular the circuitry 32 (not visible in Fig. 2), the trigger mechanism 34 (also not visible in Fig. 2) and the latch 30 (also not visible in Fig. 2).
  • the latch forms a portion of an activatable clutch 108 which is arranged to receive and trap the pin 106 of the component 102, thereby securing the two components 102 and 104 together on the garment.
  • the hard tag is arranged to operate as follows. When the lock device's on-board circuitry receives a wireless signal from the electronic key 24 (Fig.
  • the trigger mechanism of the lock will be actuated thereby releasing a latch, which in turn releases the clutch 108 to enable the two components to be separated from each other and the hard tag to be removed from the garment.
  • FIG. 3 there is shown an exemplary "safer” or storage box 200 making use of a lock constructed in accordance with this invention for protecting an article of merchandise, e.g., a CD or DVD, from theft.
  • the safer is similar in construction to that disclosed in copending United States Patent Application S.N. 11/154,252, filed on June 16, 2005, entitled Self-Check System and Method For Protecting Digital Media, which is assigned to the same assignee as this invention and whose disclosure is incorporated by reference herein.
  • That device basically comprises a case having a pivot able or hinged access door 202 at an end of the case. The door is arranged to be locked in the position shown in Fig. 3 by a lock 204.
  • the lock 204 is constructed in accordance with this invention, but is not of the padlock type, like shown in Fig. 1, but rather comprises a pair of sleeves, a pair of ferromagnetic locking tongues and a locking bar.
  • the sleeves and locking tongues together make up the latch mechanism to effect the movement of the bar.
  • the bar holds the door in the closed position shown in Fig. 3 to prevent access to the CD or DVD located therein.
  • the locking bar itself comprises a pair of notches that correspond to a pair of protrusions in the tongues . When the cover of the security box 200 is closed, and the locking bar slid downward through the sleeves, the protrusions are biased into the notches, thereby locking the cover in place.
  • the lock 204 like the locks disclosed above, also includes the circuitry 32 (not visible in Fig. 3) and the trigger mechanism 34 (also not visible in Fig. 3).
  • the lock 204 is arranged to operate as follows.
  • the lock's on-board circuitry receives a wireless signal from the electronic key 24 (Fig. 1) and that signal is decoded and determined to be a valid one, the trigger mechanism of the lock will be actuated thereby releasing a latch, which in turn causes a magnet (not shown) in the cover to move the ferromagnetic tongues toward the magnet, thereby disengaging from the notches and freeing the locking bar.
  • the cover of the box can then be pivoted open to provide access to the CD/DVD.
  • lock devices can also take the form of locks on static structures for product protection.
  • Such structures include, but are not limited to, cabinets, lockers, drawers, display fixtures, and dispensing fixtures.
  • An example would be a dispensing medical fixture (e.g. a robotic pharmacy device, and anesthesia machine.)
  • Display fixtures may any number of forms, including but not limited to those which enclose articles for sale and those to which articles are secured by tethers.
  • lock devices can take the form of locks on static structures designed to control human or vehicle ingress or egress, such as, but not limited to the group consisting of: a door, gate, or bar to prevent human transit; or a door, gate, bar, or treadle to prevent vehicle transit.
  • the system 20 can be used, for example, at a retail shelf level where customers can handle or manipulate an item but cannot remove it from the store location due to the item being electronically tethered to the store shelf. Without seeking the assistance of retail staff, customers using a key device could operate the lock device to liberate a secure article of merchandise. The data collection facet of the system could then be arranged to record this action as a valid sale and charge the customer' s account accordingly.
  • Fig.6 depicts a key device suitable for such.
  • the key device 24 incorporates an option user card reader 62.
  • the card 61 could easily, among other options, be a staff identification card, a customer loyalty card, a smart money card, or a credit card.
  • lock devices can take the form of control interlocks on a variety of devices. Controls on many pieces of industrial and commercial equipment are often provided with key switches to prevent unauthorized tampering. For example, network servers and cash registers frequently have such key switches.
  • the lock devices of the present invention can be incorporated into such items to provide a similar level of security and superior deployment, monitoring, and access privileges management.
  • control interlocks take many forms, including but not limited to, bi-state and poly-state devices, continuous controls, and information flow controls.
  • bi-state controls are key power switches, such as those sometimes found on computer servers and on heating and ventilation equipment.
  • locking is analogous to shutting off power, and unlocking to turning power on.
  • Minor variations of the lock device internal design depicted in Fig. IB would allow either of an electromechanical switch closure, an electronic switch, or a mechanical interlock on a user-actuated switch.
  • Another example might be a cut-off valve on a water supply or hydraulic pressure system.
  • Other examples include vehicle ignition switches, and switches on many non-residential lighting, heating, and ventilation systems, industrial, military, and medical systems, and on computing devices.
  • a familiar example of a poly-state control is the fan level of a household air conditioning unit. Such settings might be off, low, medium, and high.
  • the key device could be used to toggle between these settings. Alternatively, the key device could cause the lock device to release a mechanical interlock on a user manipulated control.
  • This configuration can also be used in process interlocks.
  • a lock device may be used to require the authentication of the authority of a machine operator before the operator is allowed to change control parameters.
  • a lock device could serve to control access to continuous control setting. This could be a mechanical control setting wherein the lock device fixes or frees the control to user manipulation. It could also be an electrical or electronic control either manipulated by the user through the key device or directly by the user when freed by the lock device.
  • a lock device could also serve to control the flow of information in, out, or through a device. Non-limiting examples include encrypted media and media players, network portals, data collectors, etc., and the like where data is of a sensitive or critical nature and it is desirable to provide interlocks against unauthorized access.
  • the data transmission could pass through the lock device to the key device. Alternatively, the data could flow directly from the source to the key once access been achieved through the key device/lock device dialogue. Of course, the lock device could simply unlock and enable data transmission of a device which has no data connection to either the lock or the key.
  • the lock device includes a locking status sensor. This provides the user valuable information regarding whether a locking device is properly secured, and regarding when the locking status changed.
  • the lock includes an auxiliary sensor.
  • a sensor could provide valuable information about, for example, the conditional of the lock or an adjacent area or apparatus.
  • the decision whether to accept or deny access request made by the key is based at least in part upon the status of the auxiliary sensor.
  • Fig. 11 is a schematic representation of a process for dynamically controlling the relocking of a lock device opened by a user of a key device in accordance with an aspect of the subject invention.
  • the process 700 begins with an unlocking event 702 being recorded by a key device.
  • the event triggers the starting of a timer 704 which is incremented 732 until a determination has been made that the lock device of the unlocking event 702 is confirmed to be relocked 714.
  • the key device checks whether the time limit is exceeded 706 and, if so, indicates to the user this failure 708 and reports the event to the local database 710.
  • the user may enter a request to either effect locking or to confirm that the locking has been achieved 712.
  • the subject invention optionally provides a method for data collection previously unavailable in systems with standalone intelligent locks.
  • the data collected from key devices can be used for a variety of logistics and compliance monitoring applications.
  • the subject invention enables users to create a trail of forensic quality data which can be used defensibly as a basis for making human resources decisions such as, but not limited to, discipline, dismissal, payment of bonuses, or promotion, as may be appropriate.
  • Such data is also useful in monitoring logistics, e.g., the movement of locked items from one facility to another.
  • systems constructed in accordance with this invention are peculiarly suited for monitoring compliance of lock operations of goods traveling between different institutions, since physical locking and unlocking privileges can be transferred electronically, rather than requiring the physical distribution of physical or electronic keys.
  • Data collection and analysis can insure that all parties are holding to their obligations with respect to the management of lock device secured articles, including who operated the lock devices, when, and where this occurred, and whether this was in compliance with prescribed procedures.
  • provenance rules or access privileges are not to deployed to locks, compliance to established procedures can be monitored.
  • systems constructed in accordance with this invention provide for an honor system, in which explicit or particular control rules are not necessary. Rather, discipline is enforced through the reasonable expectation that lock device and key device activities are monitored.
  • Fig. 7 is a schematic representation of another exemplary embodiment of an access control system in accordance with the subject invention implemented as a hybrid system 199 which includes previously discussed elements and elements of a prior art EAC system.
  • a user 132 has acquired a key device 24 from a registration station 130. Again the key device 24 may be used to open a lock device 22 via a wireless signal 122.
  • Data related to this activity is transmitted by the key device 24 over the network 134 via hub 138.
  • Various network components communicate via connections 173, 180, 184, 185, 186, 190, 191 using any appropriate protocols such as Ethernet.
  • the privileges and activities of the user are buffered in a database 140 and may be transmitted to a remote site via wide area network 150, which may include Internet protocol connections.
  • the access privileges are set by an electronic access control database 170 by a systems administrator 174 working at a terminal 172.
  • the access control database 170 also communicates with a network of EAC devices including main controller 171 and terminal controllers 173A and 173B to control access to, for example, doorway 178 via badge reader 176, as well as other devices not shown.
  • EAC network connections 192 and 194 may be Ethernet type or use a two- wire protocol such as RS485.
  • the doorway and badge reader connections 198 and 193, respectively, are often, but not necessarily, of a proprietary or device-specific nature.
  • the key device 24 may or may not provide an output compatible with the badge reader 176 thereby obviating the need for a separate access control card.
  • Fig. 8 is a schematic representation of another exemplary embodiment of the subject invention arranged for ubiquitous deployment of intelligent locks by consumers in a system 800 which utilizes cellular telephony.
  • access privileges are controlled by the key user 132 through either a computer terminal 810 or a personal communication device 801, here depicted as a cell phone.
  • the privileges are stored in a database 830.
  • the key device is incorporate inside the personal communication device 801.
  • the personal communication device 801 communicates with the lock device 22 via a wireless protocol 122 as described above.
  • the personal communication device 801 is in communicates with the network via a cellular telephony protocol connection 122.
  • the lock device 22 may request to authenticate the request of the key device 800 by communicating through the key device 801 to a cellular communications tower 820 and a network 150 to the privileges database 830.
  • the other connections of the system, 811 , 821 , and 831 are likely to be Internet or other standard network protocol connections. This configuration of the invention is applicable to mobile commerce.
  • a person with a cell phone or other hand-held, wireless device can go to a dispensing or vending machine equipped with a lock device constructed in accordance with the teachings of this invention, to purchase an item in that machine by inputting appropriate information into the cell phone.
  • the cell phone would then transmit the transaction data, e.g., purchase price, item purchased, etc., the credit card system of that person to debit his/her account.
  • the credit card system would transmit an authorization signal to the cell phone, which in turn will produce and transmit an appropriate signal to the dispensing/vending machine to cause the lock device associated with the particular item to be dispensed to open and thereby release the item to the customer.
  • the circuitry in the lock can also be used to transmit information, e.g., status of inventory in the machine, etc., to the computer system of the dispensing machine operator.
  • This usage is differentiated from usual configurations of mobile commerce systems in that the dispensing/vending machine need have no independent means of contacting a network in order to effect a transaction. Further, optionally, the dispensing/vending machine would need no power source to operate the locking device. Hence, the dispensing/vending machine could be deployed by simply moving it into position without connecting to any power or data infrastructure and without providing it with a battery or solar power source.
  • the locks and locking system of this invention provide a very inexpensive and reliable universal device that can readily be used in place of virtually any conventional lock, including hard tag locks, door locks, padlocks, display fixture locks and dispenser locks.
  • locks can be installed at front doors, points of sale, security offices, "employee only” doors, stock rooms, loading docks, etc. This is accomplished through the use of a very inexpensive "tumbler" (e.g., an RF smart card chip or a new variation of a RFID chip), a reliable low-power actuated trigger and a potential energy storing latch in a passive lock that is operated and powered remotely from an electronic key.
  • a very inexpensive "tumbler” e.g., an RF smart card chip or a new variation of a RFID chip
  • the electronic key device of this invention can be a universal device for wirelessly communicating with the locks to open them and transmit and receive data from them and for communicating with any computer system.
  • the subject invention enables one to create an overall system suitable for providing information in the form of a comprehensive log of who has/is opening the locks, including when, where under what circumstances and condition.
  • the system of this invention provides effective and efficient key management, so that authority to open the locks can be altered in real time.
  • the system of this invention effectively solves many, if not all, of the key, key management, tumbler, tumbler setting, and use tracking issues inherent in prior art locking system.
  • the systems of the subject invention provide for a modular deployment solution that can be adjusted to the economics of a customer's use.
  • the systems and devices of the subject invention constitute a radical departure in concept from the conventional idea of a lock system.
  • the locking mechanism is typically the most expensive and elaborate portion of the locking system whereas the key, if a typical key with a toothed shank, is the most inexpensive part of the lock system.
  • the cost of installing a plurality of these expensive locks, with associated keys can easily exceed the budget of the owner.
  • possession of a particular key determines who can gain access to the corresponding lock.
  • managing of (and the unauthorized copying thereof) such keys also presents an even larger problem.
  • the subject invention reverses this entire paradigm since systems constructed in accordance with it can comprise one or a plurality of inexpensive passive locks with a single complex key device, or a limited number of such complex keys, all of which is/are not cost prohibitive to the business owner.
  • possession of the key device is not determinative of controlling access to the locks because the software configuration of the key device is controlled by another entity, e.g., the business owner or headquarters, etc.
  • the business owner or headquarters can immediately change (or implement a time limit on) the key device's software configuration, or the lock device's software configuration, thereby disabling the key device, or rendering it useless, regardless of who has possession of it.
  • the subject invention overcomes these limitations by providing lock devices which require no power or data installation. Instead, intelligent key devices carry the power to the keys and optionally provide a communications pathway by which the keys may contact central databases of access privileges. This resolves the primary logistical barriers to broader lock deployment. For security purposes, it is best to provide the least number of ingress pathways to a lock device. Therefore, the lock device is wireless. There are preferably no keyways in which a thief may insert a tool, nor are electrical contacts provided by which a thief may apply unsafe voltages or currents in an attempt to defeat the interlocking device. Intelligent locking, however, invites the prospect of attempts by thieves to eavesdrop on code transmissions, or to electronically "turn the tumblers" until a valid code is found.
  • the system of the present invention provides a new and unusual opportunity to both secure merchandise and to collect actionable data about activities within a facility.
  • the systems of the present invention provide a unique opportunity to invert the EAC key / and reader price model, and thereby enables economical deployment of intelligent locks on an unprecedented scale.
  • the systems of the subject invention provides a radical new way to manage key privileges and to track key usage along with the convenience of a single device per person to replace large numbers of mechanical keys that would be necessary to achieve the same functions.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Multimedia (AREA)
  • Lock And Its Accessories (AREA)
  • Burglar Alarm Systems (AREA)
EP08781861A 2007-07-23 2008-07-15 System for management of ubiquitously deployed intelligent locks Ceased EP2171693A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/781,642 US20070296545A1 (en) 2005-12-14 2007-07-23 System for management of ubiquitously deployed intelligent locks
PCT/US2008/070092 WO2009014943A1 (en) 2007-07-23 2008-07-15 System for management of ubiquitously deployed intelligent locks

Publications (1)

Publication Number Publication Date
EP2171693A1 true EP2171693A1 (en) 2010-04-07

Family

ID=39830375

Family Applications (1)

Application Number Title Priority Date Filing Date
EP08781861A Ceased EP2171693A1 (en) 2007-07-23 2008-07-15 System for management of ubiquitously deployed intelligent locks

Country Status (8)

Country Link
US (1) US20070296545A1 (zh)
EP (1) EP2171693A1 (zh)
JP (1) JP2010534286A (zh)
CN (1) CN101868810A (zh)
AU (1) AU2008279397A1 (zh)
CA (1) CA2694143A1 (zh)
MX (1) MX2010000844A (zh)
WO (1) WO2009014943A1 (zh)

Families Citing this family (72)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110254661A1 (en) 2005-12-23 2011-10-20 Invue Security Products Inc. Programmable security system and method for protecting merchandise
MX2008011294A (es) * 2006-03-03 2009-03-20 Checkpoint Systems Inc Mecanismo de liberacion energizado con rf para etiqueta dura.
US7515048B1 (en) 2008-05-20 2009-04-07 International Business Machines Corporation Method and system for using RFID to automatically lock and unlock a mobile computing device
US10128893B2 (en) 2008-07-09 2018-11-13 Secureall Corporation Method and system for planar, multi-function, multi-power sourced, long battery life radio communication appliance
US11469789B2 (en) 2008-07-09 2022-10-11 Secureall Corporation Methods and systems for comprehensive security-lockdown
US10447334B2 (en) 2008-07-09 2019-10-15 Secureall Corporation Methods and systems for comprehensive security-lockdown
US9642089B2 (en) 2008-07-09 2017-05-02 Secureall Corporation Method and system for planar, multi-function, multi-power sourced, long battery life radio communication appliance
CN101644116B (zh) * 2008-08-08 2013-12-25 深圳富泰宏精密工业有限公司 蓝牙防盗预警系统及方法
WO2010065667A2 (en) * 2008-12-02 2010-06-10 Qualcomm Incorporated Wireless branding
US8207852B2 (en) * 2009-10-02 2012-06-26 Sherrie Oehlert Audible alert lock
CN102074056B (zh) * 2010-04-09 2012-10-03 武汉聚鑫智能科技有限公司 网络智能防盗门
US9121199B2 (en) * 2010-05-25 2015-09-01 DigiPas USA, LLC Electronic combination lock
US9495820B1 (en) 2010-05-25 2016-11-15 DigiPas USA, LLC Electronic combination lock
US20120047972A1 (en) 2010-09-01 2012-03-01 Invue Security Products Inc. Electronic key for merchandise security device
US8912884B2 (en) * 2010-09-16 2014-12-16 Sentrilock, Llc Electronic key lockout control in lockbox system
US9135422B2 (en) 2011-01-06 2015-09-15 Utc Fire & Security Corporation Trusted vendor access
WO2012155989A1 (en) * 2011-05-19 2012-11-22 Sellmore Bv Antitheft device and unlocking device for the antitheft device
US11017656B2 (en) 2011-06-27 2021-05-25 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US9650808B2 (en) * 2011-06-30 2017-05-16 Kaba Ilco Corp. Self-powered lock system with passive ID detection
GB201115303D0 (en) * 2011-09-05 2011-10-19 Pegasus Innovation Ltd Fastening device
WO2013034671A1 (en) * 2011-09-09 2013-03-14 Param Technologies Corporation, S.L. Apparatus and method for controlling the access of a visitor to a premises
US8860574B2 (en) 2011-09-29 2014-10-14 Invue Security Products Inc. Cabinet lock for use with programmable electronic key
US20130335193A1 (en) * 2011-11-29 2013-12-19 1556053 Alberta Ltd. Electronic wireless lock
CN102638790A (zh) * 2012-03-15 2012-08-15 华为终端有限公司 密码控制方法、装置及系统
WO2013138791A1 (en) * 2012-03-16 2013-09-19 Secureall Corporation Non-contact electronic door locks having specialized radio frequency beam formation
CN102644420B (zh) * 2012-04-23 2015-11-04 武汉工程大学 远程柜门锁控装置和方法
EP2855803A4 (en) 2012-05-21 2016-09-07 Invue Security Products Inc CABINET WITH AUDIO INDICATORS
US9117355B2 (en) 2012-09-28 2015-08-25 Tyco Fire & Security Gmbh Wireless signal actuated security tag
US8963717B2 (en) * 2012-09-28 2015-02-24 Mohammad MOHIUDDIN Mobile device initiated retail transaction using wireless communication for security tag detachment
US11144872B2 (en) * 2012-12-21 2021-10-12 United Parcel Service Of America, Inc. Delivery to an unattended location
US10387824B2 (en) 2012-12-21 2019-08-20 United Parcel Service Of America, Inc. Systems and methods for delivery of an item
EP2804153B1 (en) 2013-05-15 2018-11-21 Nxp B.V. Electronic lock, locking system and method of operating an electronic lock
EP2821970B2 (en) 2013-07-05 2019-07-10 Assa Abloy Ab Access control communication device, method, computer program and computer program product
EP2821972B1 (en) * 2013-07-05 2020-04-08 Assa Abloy Ab Key device and associated method, computer program and computer program product
EP2821971B1 (en) * 2013-07-05 2023-09-20 Assa Abloy Ab Portable access control communication device, method, computer program and computer program product
US20150007619A1 (en) 2013-07-08 2015-01-08 Snowgate, LLC. Apparatus for management of access key used for locker access
EP3019681B1 (en) 2013-07-12 2018-10-03 InVue Security Products, Inc. Merchandise security devices for use with an electronic key
EP3036388A4 (en) * 2013-08-23 2016-06-29 Invue Security Products Inc FAST RELEASE SAFETY DEVICE
US9704316B2 (en) 2013-09-10 2017-07-11 Gregory Paul Kirkjan Contactless electronic access control system
JP2015101914A (ja) * 2013-11-27 2015-06-04 住友電装株式会社 車載無線通信装置
WO2015112336A1 (en) * 2014-01-22 2015-07-30 Invue Security Products Inc. Systems and methods for remotely controlling security devices
EP2908291B1 (en) * 2014-02-14 2020-09-30 Assa Abloy AB Wireless interaction with access control devices
US9443404B2 (en) * 2014-02-14 2016-09-13 Invue Security Products Inc. Tethered security system with wireless communication
EP3035299B1 (en) 2014-12-18 2019-03-27 Assa Abloy Ab Authentication of a user for access to a physical space
BR112017013997B1 (pt) 2014-12-29 2022-06-28 Invue Security Products Inc Sistema de segurança de mercadoria e método para proteger um item de mercadoria suscetível a furto
US9794231B2 (en) 2015-03-16 2017-10-17 Schlage Lock Company Llc License management using cloud based enrollment
US9847020B2 (en) 2015-10-10 2017-12-19 Videx, Inc. Visible light communication of an access credential in an access control system
DE102016201601B4 (de) * 2016-02-03 2019-06-19 Continental Automotive Gmbh Verfahren und Vorrichtungen betreffend insbesondere ein Kraftfahrzeugzugangs- und/oder Start-System
EP3440648A1 (en) * 2016-04-05 2019-02-13 Tether Technologies, Inc. Intelligent asset detachment sensor system
CN105976458A (zh) * 2016-04-20 2016-09-28 上海斐讯数据通信技术有限公司 一种门禁装置及其使用方法、开锁部件及其管理方法
CN206190039U (zh) * 2016-10-26 2017-05-24 华数(厦门)信息有限公司 一种智能锁具
KR102372191B1 (ko) * 2017-03-16 2022-03-08 삼성전자주식회사 전자장치 및 그를 이용한 도어락 제어 방법
US10147255B1 (en) * 2017-05-18 2018-12-04 Elliot Rais Battery free smart lock
EP3652587A4 (en) * 2017-07-14 2021-04-14 A La Carte Media Inc. LOW COST DEVICE AND DECENTRALIZED AND REMOTE RECOVERY PROCESS OF EXPENSIVE ELECTRONIC DEVICES
US10332325B2 (en) * 2017-09-05 2019-06-25 Suprema Inc. Access control system and access control method using the same
CN107939172B (zh) * 2017-12-21 2023-06-06 东屋世安物联科技(江苏)股份有限公司 一种电子密码锁具系统及其验证方法
CN108257269A (zh) * 2018-01-17 2018-07-06 北京锐拓时代科技有限公司 非接触式的身份证刷卡开门系统和方法
CN108397046B (zh) * 2018-04-23 2023-08-29 深圳市易联网络技术有限公司 智能钥匙扣联合管理系统与方法
CN108868350B (zh) * 2018-06-21 2023-12-26 中企众鑫(天津)工业设计有限公司 一种新能源汽车的充电枪电子锁装置
CN109826501A (zh) * 2019-02-27 2019-05-31 国网上海市电力公司 一种基于物联网的电缆分支箱无源锁
JP2021008789A (ja) * 2019-07-03 2021-01-28 株式会社東海理化電機製作所 通信装置、錠装置、およびシステム
CN114423920B (zh) * 2020-08-13 2022-11-18 东屋世安物联科技(江苏)股份有限公司 无源电子锁及其使用方法
US11740853B1 (en) 2020-10-26 2023-08-29 Wells Fargo Bank, N.A. Smart table system utilizing extended reality
US11457730B1 (en) 2020-10-26 2022-10-04 Wells Fargo Bank, N.A. Tactile input device for a touch screen
US11429957B1 (en) 2020-10-26 2022-08-30 Wells Fargo Bank, N.A. Smart table assisted financial health
US11397956B1 (en) 2020-10-26 2022-07-26 Wells Fargo Bank, N.A. Two way screen mirroring using a smart table
US11572733B1 (en) 2020-10-26 2023-02-07 Wells Fargo Bank, N.A. Smart table with built-in lockers
US11741517B1 (en) 2020-10-26 2023-08-29 Wells Fargo Bank, N.A. Smart table system for document management
US11727483B1 (en) 2020-10-26 2023-08-15 Wells Fargo Bank, N.A. Smart table assisted financial health
WO2022167849A1 (en) * 2021-02-04 2022-08-11 Satyajeet Mohanty System and method for operation of an electronic locking device
WO2023196502A1 (en) * 2022-04-06 2023-10-12 Security Enhancement Systems, Llc Multi-mode electronic access control system and method
DE102022124866A1 (de) * 2022-09-27 2024-03-28 ABUS August Bremicker Söhne Kommanditgesellschaft Gepäckschloss

Family Cites Families (62)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US48475A (en) * 1865-06-27 Improvement in locks
US4031434A (en) * 1975-12-29 1977-06-21 The Eastern Company Keyhole-less electronic lock
US4207555A (en) * 1978-03-03 1980-06-10 The Eastern Company Lock system
US5021064A (en) * 1982-06-03 1991-06-04 Dolores R. Rudy Robotic fluid-actuated muscle analogue
US4808993A (en) * 1983-09-29 1989-02-28 Datatrak, Inc. Electronic secure entry system, apparatus and method
US5986564A (en) * 1984-03-28 1999-11-16 Computerized Security Systems, Inc. Microcomputer controlled locking system
US4727369A (en) * 1984-06-29 1988-02-23 Sielox Systems, Inc. Electronic lock and key system
US6072402A (en) * 1992-01-09 2000-06-06 Slc Technologies, Inc. Secure entry system with radio communications
US4914732A (en) * 1985-10-16 1990-04-03 Supra Products, Inc. Electronic key with interactive graphic user interface
US4756171A (en) * 1987-03-02 1988-07-12 Homar Paul F Luggage lock system
US5933086A (en) * 1991-09-19 1999-08-03 Schlage Lock Company Remotely-operated self-contained electronic lock security system assembly
AU673983B2 (en) * 1992-01-09 1996-12-05 Ge Security, Inc. Secure entry system with radio communication
US5250167A (en) * 1992-06-22 1993-10-05 The United States Of America As Represented By The United States Department Of Energy Electrically controlled polymeric gel actuators
FR2706881B1 (zh) * 1993-06-24 1995-07-28 Braillon Magnetique Sa
US5389222A (en) * 1993-09-21 1995-02-14 The United States Of America As Represented By The United States Department Of Energy Spring-loaded polymeric gel actuators
US20050192727A1 (en) * 1994-05-09 2005-09-01 Automotive Technologies International Inc. Sensor Assemblies
US5722266A (en) * 1995-11-21 1998-03-03 Alpha Enterprises, Inc. Universal wrap security device
US6475639B2 (en) * 1996-01-18 2002-11-05 Mohsen Shahinpoor Ionic polymer sensors and actuators
US5874902A (en) * 1996-07-29 1999-02-23 International Business Machines Corporation Radio frequency identification transponder with electronic circuit enabling/disabling capability
US5954264A (en) * 1996-08-09 1999-09-21 Keller; Louis D. Rural mailbox with remote door opener
US5991411A (en) * 1996-10-08 1999-11-23 International Business Machines Corporation Method and means for limiting adverse use of counterfeit credit cards, access badges, electronic accounts or the like
US5889603A (en) * 1996-12-04 1999-03-30 Ut Automotive Dearborn, Inc. Optical drive away prevention security system
US5874724A (en) * 1997-01-10 1999-02-23 International Business Machines Corporation Light selectable radio frequency identification tag and method therefor
US6409086B1 (en) * 1997-08-08 2002-06-25 Symbol Technolgies, Inc. Terminal locking system
US6067892A (en) * 1998-03-18 2000-05-30 Erickson; Joel R. Artificial muscle actuator assembly
US20020024420A1 (en) * 1998-08-12 2002-02-28 Ayala Raymond F. Key for selectively allowing access to an enclosure
US6021655A (en) * 1999-01-26 2000-02-08 Lab Security Systems Corporation Interchangeable core lock repinning apparatus
US6564600B1 (en) * 1999-03-08 2003-05-20 Videx, Inc. Electronic access control device
US20020024418A1 (en) * 1999-08-11 2002-02-28 Ayala Raymond F. Method for a key to selectively allow access to an enclosure
DE19947695A1 (de) * 1999-10-04 2001-04-05 Meto International Gmbh Verfahren zum Aktivieren grosser Mengen von Sicherungselementen für die elektronische Artikelsicherung, Grossaktivator zum Aktivieren dieser Sicherungselemente sowie mit dem Verfahren oder dem Grossaktivator aktivierte Sicherungselemente
CA2392405A1 (en) * 1999-11-30 2001-06-07 Bording Data A/S An electronic key device, a system and a method of managing electronic key information
US6474122B2 (en) * 2000-01-25 2002-11-05 Videx, Inc. Electronic locking system
US6718806B2 (en) * 2000-01-25 2004-04-13 Videx, Inc. Electronic locking system with emergency exit feature
US6615625B2 (en) * 2000-01-25 2003-09-09 Videx, Inc. Electronic locking system
DE10005487A1 (de) * 2000-02-08 2001-08-09 Siemens Ag Verfahren zur Nutzeridentitätskontrolle
US6405532B1 (en) * 2000-07-21 2002-06-18 Environmental Robots, Inc. Metal hydride artificial muscles
DE10137579A1 (de) * 2001-08-01 2003-02-27 Siemens Ag Verfahren zum Übertragen eines Öffnungscodes, Verfahren zum Übertragen eines Verschlusscodes und zugehörige Einheiten
US6876135B2 (en) * 2001-10-05 2005-04-05 Sri International Master/slave electroactive polymer systems
US20030076968A1 (en) * 2001-10-23 2003-04-24 Rast Rodger H. Method and system of controlling automotive equipment remotely
US8091477B2 (en) * 2001-11-27 2012-01-10 Schlumberger Technology Corporation Integrated detonators for use with explosive devices
US6612739B2 (en) * 2001-12-05 2003-09-02 Mohsen Shahinpoor Shape memory alloy temperature sensor
WO2003050547A2 (en) * 2001-12-10 2003-06-19 Bae Systems Information And Electronic Systems Integration Inc. Electric field sensor
ATE268926T1 (de) * 2002-02-13 2004-06-15 Swisscom Ag Zutrittskontrollsystem, zutrittskontrollverfahren und dafur geeignete vorrichtungen
DE10206676A1 (de) * 2002-02-18 2003-08-28 Giesecke & Devrient Gmbh Mit einem Transponder betätigbare Schaltvorrichtung
US7081693B2 (en) * 2002-03-07 2006-07-25 Microstrain, Inc. Energy harvesting for wireless sensor operation and data transmission
WO2003101955A2 (en) * 2002-03-20 2003-12-11 Massachusetts Institute Of Technology Molecular actuators, and methods of use thereof
US20040025039A1 (en) * 2002-04-30 2004-02-05 Adam Kuenzi Lock box security system with improved communication
US7061367B2 (en) * 2002-04-30 2006-06-13 General Electric Company Managing access to physical assets
US7129817B2 (en) * 2002-08-01 2006-10-31 Unirec Co., Ltd. Apparatus for controlling articles in custody
US7870260B2 (en) * 2002-08-09 2011-01-11 Reflexion Networks, Inc. System and method for controlling access to an electronic message recipient
US7051945B2 (en) * 2002-09-30 2006-05-30 Nanosys, Inc Applications of nano-enabled large area macroelectronic substrates incorporating nanowires and nanowire composites
US7183917B2 (en) * 2003-05-19 2007-02-27 Checkpoint Systems, Inc. EAS/RFID identification hard tags
US6957767B2 (en) * 2003-06-30 2005-10-25 International Business Machines Corporation RFID-keyed mailbox, and RFID-based system and method for securing a mailbox
US20050085925A1 (en) * 2003-10-16 2005-04-21 Mohsen Shahinpoor Bio-Potential Activation of Artificial Muscles
KR101101763B1 (ko) * 2004-02-20 2012-01-05 체크포인트 시스템즈 인코포레이티드 보안 태그 자동분리시스템 및 방법
US7380711B2 (en) * 2004-07-23 2008-06-03 Checkpoint Systems, Inc. Self-check system and method for protecting digital media
US7581242B1 (en) * 2005-04-30 2009-08-25 Hewlett-Packard Development Company, L.P. Authenticating products
US20070044523A1 (en) * 2005-08-26 2007-03-01 Videx, Inc. Lock
US20070131005A1 (en) * 2005-12-14 2007-06-14 Checkpoint Systems, Inc. Systems and methods for providing universal security for items
US7752255B2 (en) * 2006-09-19 2010-07-06 The Invention Science Fund I, Inc Configuring software agent security remotely
US7720918B1 (en) * 2006-11-27 2010-05-18 Disney Enterprises, Inc. Systems and methods for interconnecting media services to an interface for transport of media assets
US7792836B2 (en) * 2007-06-17 2010-09-07 Global Telegenetics, Inc. Portals and doors for the semantic web and grid

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2009014943A1 *

Also Published As

Publication number Publication date
WO2009014943A1 (en) 2009-01-29
AU2008279397A1 (en) 2009-01-29
CA2694143A1 (en) 2009-01-29
MX2010000844A (es) 2010-04-21
JP2010534286A (ja) 2010-11-04
US20070296545A1 (en) 2007-12-27
CN101868810A (zh) 2010-10-20

Similar Documents

Publication Publication Date Title
US20070296545A1 (en) System for management of ubiquitously deployed intelligent locks
AU2006332553B2 (en) Systems and methods for providing universal security for items
US10453291B2 (en) Intelligent key system
CN102667870B (zh) 用于监视系统的密钥设备
US5886634A (en) Item removal system and method
US20120011367A1 (en) Method for Controlling and Recording the Security of an Enclosure
US20110289123A1 (en) Method for Controlling and Recording the Security of an Enclosure
US11528454B2 (en) Lock system including automation notification and surveillance integration
US20120011366A1 (en) Method for Controlling and Recording the Security of an Enclosure
US20110289124A1 (en) Method for Controlling and Recording the Security of an Enclosure
JP2016503523A (ja) 携帯用デバイスのためのモバイル小売周辺プラットフォーム
TR201810790T4 (tr) Ticari malların korunması için güvenlik sistemi ve yöntemi.
AU2005217966A1 (en) System and method for authenticated detachment of product tags
PT1237445E (pt) Sistema de entrega ou levantamento seguro
WO2014134458A1 (en) Wireless signal actuated security tag
US20230169813A1 (en) Merchandise display security systems and methods
CN101371277A (zh) 用于提供对象通用安全性的系统和方法
US20220067635A1 (en) Inventory tracking systems and methods
GB2362188A (en) Security system for lockable enclosures
US11842587B1 (en) System, comprising a lock unit for a cabinet and at least one portable user terminal
WO2014201090A2 (en) Security device for use with electronic key

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20100127

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA MK RS

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20110906

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20131202